package jmine.tec.security.josso.gateway.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import jmine.tec.security.josso.JOSSOHelper;
import jmine.tec.security.josso.gateway.auth.SecurityManagerAuthScheme;

import org.josso.gateway.SSOException;
import org.josso.gateway.SSOGateway;

import bancosys.tec.security.SecurityURLMapping;
import bancosys.tec.security.impl.web.WebSecurityContext;
import bancosys.tec.security.impl.web.servlet.SecurityServlet;

/**
 * Servlet para logout para aplicações com JOSSO
 * 
 * @author lundberg
 * @deprecated Utilize algum LoginServlet comum, juntamente com o JOSSOGatewaySecurityManager e um JOSSOGatewayServlet para autenticar
 * aplicações partner e redirecionar.
 */
@Deprecated
public class JOSSOLogoutServlet extends SecurityServlet {

    private static final String LOGOUT_EXIT_PAGE = "logoutExitPage";

    private volatile String logoutExitPage;

    /**
     * Inicializa o servlet lendo os parametros de configuração.
     * 
     * @throws ServletException veja {@link SecurityServlet#init()}
     */
    @Override
    public void init() throws ServletException {
        super.init();
        this.logoutExitPage = SecurityURLMapping.getInstance().getLogoutURL();
        if (this.logoutExitPage == null) {
            this.logoutExitPage = this.getNotNull(this.getServletConfig().getInitParameter(LOGOUT_EXIT_PAGE), "/");
        }
    }

    /**
     * Delega para {@link #doPost(HttpServletRequest, HttpServletResponse)}
     * 
     * @param request request http.
     * @param response resposta http.
     * @throws ServletException e
     * @throws IOException e
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doPost(request, response);
    }

    /**
     * Processa o login
     * 
     * @param request request http.
     * @param response resposta http.
     * @throws ServletException e
     * @throws IOException e
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String logoutUri = this.getNotNull(request.getParameter(LOGOUT_EXIT_PAGE), this.logoutExitPage);

        this.setNoCacheHeaders(response);
        this.logout(request, response);

        String backTo = JOSSOHelper.getBackTo(request);
        this.forward(request, response, backTo != null ? backTo : logoutUri);
    }

    /**
     * Executa o logout e invalida a sessão.
     * 
     * @param request request http.
     * @param response response
     * @throws ServletException ServletException
     */
    private void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException {
        try {
            SSOGateway gateway = JOSSOHelper.getSSOGateway(request.getSession().getServletContext());
            JOSSOHelper.prepareContext(request, SecurityManagerAuthScheme.SCHEME_NAME);
            gateway.logout();
            JOSSOHelper.removeJossoSessionId(request, response);
        } catch (SSOException e) {
            throw new ServletException(e.getMessage(), e);
        }
        this.getSecurityManager().logout(new WebSecurityContext(request, response));
        request.getSession().invalidate();

    }

    /**
     * {@inheritDoc}
     */
    @Override
    protected void forward(HttpServletRequest request, HttpServletResponse response, String uri) throws ServletException, IOException {
        if (uri != null && !uri.startsWith("/")) {
            response.sendRedirect(uri);
        } else {
            super.forward(request, response, uri);
        }
    }
}
